HAVA Funding Strategy: Part 1—Securing Election Systems
In the Consolidated Appropriations Act of 2018, Congress released $380 million in HAVA funds for states to improve the administration of elections, making it clear that upgrading election technology and improving election security is a top priority across the nation.
Whether it’s a state exploring the possible ways to allocate the new funds, or a county looking to identify the most impactful way to increase security and integrity in their election ecosystem, it’s best to have a broad education using resources currently available before you can analyze your own systems and processes and prioritize your needs.
The U.S. Election Assistance Commission has a breakdown on the ways states can use the HAVA funds and other frequently asked questions here.
Educational Tools for Securing Election Systems:
- Center for Internet Security (CIS) released a new handbook for elections infrastructure security, available as a free download on their website.
- The Department of Homeland Security (DHS) has an informative resource center on election security, including information on free cybersecurity assessments and trainings.
- Several helpful webinars and articles can also be found on the Multi-State Information Sharing & Analysis Center, including the option to receive daily cyber tips and over 900 hours of free cybersecurity training for any government employee or veteran.
- We also have practical, easy-to-implement tips for cybersecurity best practices in the Security 101 section of our blog.
- International Association of Government Officials (iGO) offers a Cybersecurity 101 Cybersecurity 101 for Government Officials webinar. Both examples of security breaches and tactics to avoid them are provided.
- The EAC has a checklist to ensure security best practices for Voter Registration Data.
- Procuring new operating systems can be costly, but when software is no longer supported, important security upgrades/patches will no longer be available without expensive extended support agreements. Awareness of these dates ahead of time, for instance, the lifecycle of Windows or Linux, is important to ensure maintained security.
- An introduction to post-election audits and how various states are currently conducting them can be found on the National Conference of State Legislatures website.
- The State of Colorado recently performed a well-publicized risk-limiting audit of their statewide election results. The Denver Elections office issued a report explaining the process, what worked well, and areas that could use improvement. This is a really good starting point for election administrators looking to understand the mechanics of RLAs.
- The reports provided by various states and counties documenting Logic and Accuracy Testing and post-Election Audit Initiatives on the EAC’s website can provide an overview of what was attempted between 2010 to 2013 and the success of those initiatives.
- The EAC has become a valuable resource hub for information on voting systems, including information on those with verified voter paper trails, along with information on testing, system guidelines, and considerations for both procurement and managing voting systems.
If you have any specific concerns not addressed above, drop us a line and we’d be happy to point you in the right direction.